Categories
Section Navigation
Ever since I first hypothesized that LulzSecurity, better known as LulzSec, was a government red team, the evidence just keeps building. If LulzSec is not a government operation then it is very likely that they have government operatives in their ranks influencing all of the decision making while keeping tabs. If they are not infiltrated by government-funded hackers, then they are so short sighted that they think getting some giggles over defacing pages or bringing down public websites through DDoS attacks outweighs the repercussions.
Assuming that this “hacktivist” group would actually be clueless enough to think that carrying out these major hacks right when the Senate Judiciary Committee is about to hold a hearing on the Obama administration’s cybersecurity proposals before the subcommittee on Crime and Terrorism is a bit of a leap.
Regardless of if LulzSec is a government red team or just useful idiots, they are perfectly playing into the hands of the Obama administration and others in Washington.
These latest attacks serve to lend a great deal of support to the Obama administration’s efforts to crackdown on internet freedoms in the name of national and personal security. LulzSec’s release of over 62,000 e-mail and password combinations of everyday people will undoubtedly get a segment of the population behind these legislative maneuvers. The Obama administration has also been calling for the maximum sentencing for potentially endangering national security to be bumped up from 10 years to 20 years.
The pushes coming from the Obama camp and throughout Washington were coming long before this recent string of high-profile attacks. LulzSec’s recent actions therefore allow Obama and other politicians to say, “Look, we obviously really need this! You would have been safe if you passed this bill taking away all free speech and privacy on the internet!”
If this law is passed it will put every participant in any operation carried out by LulzSec against a government target such as Senate.gov, CIA.gov, or perhaps even the FBI affiliate InfraGard at risk of going to prison for up to 20 years. It would also make it much easier to prosecute whistle-blowers, like Pfc. Bradley Manning, and put them away for significant lengths of time.
Now LulzSec is stepping up their game by joining forces with the group called Anonymous, a loose-knit group of internet users whose formation can be traced back to 4Chan. This merger and the declaration of open war on government and banking websites has brought international scrutiny and especially domestic federal attention.
From Pastebin
Salutations Lulz Lizards,
As we’re aware, the government and whitehat security terrorists across the world continue to dominate and control our Internet ocean. Sitting pretty on cargo bays full of corrupt booty, they think it’s acceptable to condition and enslave all vessels in sight. Our Lulz Lizard battle fleet is now declaring immediate and unremitting war on the freedom-snatching moderators of 2011.
Welcome to Operation Anti-Security (#AntiSec) – we encourage any vessel, large or small, to open fire on any government or agency that crosses their path. We fully endorse the flaunting of the word “AntiSec” on any government website defacement or physical graffiti art. We encourage you to spread the word of AntiSec far and wide, for it will be remembered. To increase efforts, we are now teaming up with the Anonymous collective and all affiliated battleships.
Whether you’re sailing with us or against us, whether you hold past grudges or a burning desire to sink our lone ship, we invite you to join the rebellion. Together we can defend ourselves so that our privacy is not overrun by profiteering gluttons. Your hat can be white, gray or black, your skin and race are not important. If you’re aware of the corruption, expose it now, in the name of Anti-Security.
Top priority is to steal and leak any classified government information, including email spools and documentation. Prime targets are banks and other high-ranking establishments. If they try to censor our progress, we will obliterate the censor with cannonfire anointed with lizard blood.
It’s now or never. Come aboard, we’re expecting you…
History begins today.
Lulz Security,
http://LulzSecurity.com/
Support: http://www.mithral.com/~beberg/manifesto.html
Support: http://www.youtube.com/user/thejuicemedia
Support: http://wikileaks.ch/
Support: http://anonyops.com/
The United States Computer Emergency Readiness Team, a division of the Department of Homeland Security, has already issued a short guide to mitigating against these DDoS attacks employed by LulzSec, most recently on the CIA public website. Due to the increased scrutiny both of these groups have been put under, an arrest has already been made in the UK where a 19 year old named Ryan Cleary was arrested on Monday. On top of the law enforcement agencies around the world increasing the heat on LulzSec and Anonymous, the media is helping to make this possible red team seem like the al Qaeda of the internet. And what can stop the al Qaeda of the internet? Why only draconian cybersecurity measures of course!
The International Business Times characterizes LulzSec as a, “terror ring of super-brain hackers who torment governments and the biggest of corporations in the world no end.” Later in the article we read, “‘The loner who lives his life online’ would face up to 60 years in prison in the US if his guilt is proved in a court. He is liable to be extradited to the US for the offence [sic] of hacking into the Senate and CIA.”
This is after the group claimed to have only a mild association with Cleary. The fact is that it would be very unlikely for the group not to be infiltrated by federal or international law enforcement or individuals working with them. LulzSec is being exposed thoroughly from within their own ranks, there are several logs from IRC here. There has also been a Blogspot website set up called “LulzSec Exposed” that purports to expose several members, conversations, and logs from older IRC chats proving that LulzSec came out of Anonymous.
There is also the unconfirmed claim made that alleges the LulzSec member Nakomis is actually military counter-intelligence.
At this point, we cannot say with any amount of certainty if this group is a government red team. However, we can definitely say that they are flawlessly building support for the Obama administration’s China-style web censorship plans and longer sentences for hacking. It also helps justify massive expenditures like the $1.2 billion NSA cybersecurity center.
What do you think? Are the members of LulzSec inadvertently supporting legislation that will eradicate all of our freedoms? Or are they at least infiltrated by government agents who are influencing the direction and target of the attacks? Or could a large percentage of them be government agents or free-lance contractors, forming a legitimate red team/red cell?
Personally, I think that they are infiltrated by government agents or individuals hired by the government that are directing their attacks, all of which have served as perfect talking points for legislators like Joe Lieberman. It just seems all too coincidental and beneficial for Washington politicians and all too nonsensical for a group of hacktivists.
The LulzSec controversy continues: damage control, disinformation, and doubt
Today the Guardian posted the leaked LulzSec chat logs from their IRC, while also publishing a rough summary of the details revealed in the logs. Interestingly enough, I am cited as an example of how the supposed LulzSec disinformation campaign aimed at making them seem to be CIA operatives was a success. Is this true? Is LulzSec really just a conglomeration of skiddies and malcontents causing pointless mischief?
While I am flattered by the fact that the Guardian writers Ryan Gallagher and Charles Arthur found and read my article, I do not think that my quote was at all indicative of a successful disinformation operation carried out by LulzSec. By saying “I hypothesize” I made it quite clear that it is nothing more than a falsifiable conjecture that should be investigated. It would not even fall into the realm of “theory” although I am sure much would love to peg such a notion as a “conspiracy theory” regardless of the illegitimacy of such a term.
Let’s address some of the points raised in this article in order to get a better understanding of the situation and what exactly leads me to hypothesize that the operation could at least be infiltrated by government operatives. Let’s also dispense with this often cited statistic: 25% of all hackers in the United States are FBI informants.
While this claim is made by what I would consider a credible source, Eric Corley, publisher of 2600: The Hacker Quarterly, many seem to object to the legitimacy of this number. Therefore, I think for the sake of analysis we should cast it aside as it is not necessarily required to raise questions about LulzSecurity and their intentions.
I should also preface this by quoting what I wrote in this article,
“At this point, we cannot say with any amount of certainty if this group is a government red team. However, we can definitely say that they are flawlessly building support for the Obama administration’s China-style web censorship plans and longer sentences for hacking. It also helps justify massive expenditures like the $1.2 billion NSA cybersecurity center.”
So, if LulzSecurity is not infiltrated, directed, or in any way involved with any government agency or affiliated private sector firm, they are doing a bang-up job of making it seem like they are. I have some difficulty concocting a reason why they would intentionally create the rumor that they are government operatives, but apparently the Guardian has no problem with running with it:
[...]
The logs also reveal that the group began a campaign of disinformation around LulzSec. Their goal was to convince – and confuse – internet users into believing a conspiracy theory: that LulzSec is in fact a crack team of CIA agents working to expose the insecurities of the web, headed by Adrian Lamo, the hacker who reported the alleged WikiLeaks whistleblower Bradley Manning to the authorities.
“You guys are claiming that LulzSec is a CIA op … that Anonymous is working to uncover LulzSec … that Adrian Lamo is at the head of it all … and people actually BELIEVE this shit?” writes joepie91, another member. “You just tell some bullshit story and people fill in the rest for you.”
“I know, it’s brilliant,” replies Topiary.
[...]
It is pretty clear that Anonymous is not working to uncover LulzSec, I’m not sure who would believe such a thing, but they would have to be completely ignorant to do so. I can see a logical motivation to point the internet in the wrong direction towards the “homeless hacker” Adrian Lamo, but the notion of them being a crack team of CIA agents doesn’t seem like it would do much.
The supposedly successful disinformation campaign hasn’t prevented other hacking groups from continuing to pursue LulzSec in an attempt to expose them before the international authorities do. If people were convinced they were actually a team of CIA cybersecurity masterminds, why would they continue to do such a thing? Would they not be concerned that such a thing would get them thrown in federal prison for unknown lengths of time?
The Guardian piece points out that LulzSec seems to derive some kind of pleasure out of the publicity surrounding their attacks. This publicity is far from lacking so if they do indeed enjoy the fame, they won’t be stopping any time soon. If they are actually as reliant on media attention as the Guardian article implies, we can expect to see many more highly-publicized attacks in the near future, if not an escalation of targets.
There are some major holes in the idea that they could be a “crack team of CIA agents,” mainly that they are known to exploits and pre-compiled scripts made by other hackers. This is something that is derided within the hacking community, and it is something that greatly weakens the argument that they are crack CIA hacking experts.
Another strange piece in the LulzSec puzzle is their alleged attempt at extorting Unveillance, a private company that provides tools to accurately determine the presence of botnets in networks. One could see why any hacking group would attack a person providing such a service as it would likely benefit them by preventing the detection of their botnets. Their method of extortion, clearly laid out in the IRC logs provided at the above link, is aimed more at preventing his reputation as a cybersecurity expert to be crushed, destroying his entire livelihood. They also claim that there are blackhat hackers who have planned to murder other whitehat cybersecurity professionals. They take this chance to make sure to show that they are not so bad and that he should be grateful for their help and consider it a “partnership.”
However, one could also argue that a CIA/NSA/DoD cyberwarfare group would be smart enough to mix up their attacks with basic DDoS attacks and mySQL injections in order to make it seem like a bunch of mischievous tennage hackers. We must remember that not all of their attacks have been this simple.
As PC World points out in an article published today regarding the most recent LulzSec attack,
“Previous efforts have been limited to denial of service attacks on Websites, including those of the Brazilian and Chinese governments. Unlike those attacks, this hack has resulted in the sharing of confidential information.”
Unlike a DDoS which can be carried out by a skiddie with a botnet, these types of major confidential database breaches represent a significantly more coordinated and skilled attack. This most recent operation was highly politically motivated due to Arizona’s anti-illegal immigration law, a law that has many people upset, including POTUS Obama. Therefore, this attack, unlike the rudimentary DDoS attack on the CIA’s public web page, lends some support to the red team hypothesis. This also serves as even more fuel for federal and state government to push through highly restrictive legislation in order to protect sensitive government data.
If LulzSec is capable of performing these significantly more advanced attacks on secure law enforcement networks (assuming there wasn’t some gaping security hole or back door in their network) why were they not capable of doing something to the CIA other than just overloading their public-facing site? If the LulzSec and Anonymous joint operation code-named “Anti-Sec” is really aimed at revealing government secrets and corruption, why would they perform such a pointless and ineffectual attack on an extremely high-value target like the CIA?
In the above linked PC World article, we also read,
“This isn’t the first time LulzSec has hacked a government agency. The group’s previous exploits include an attack on the U.S. Senate, a denial of service attack on the CIA’s Website, and a hack on an FBI-affialiated [sic] organization, Infragard. Earlier attacks focused on game companies and news organizations.”
Both the Senate.gov and InfraGard hacks were significantly more complex than the CIA DDoS and the former attacks both garnered sensitive information, just like the most recent attack on Arizona. So why was the potential goldmine of classified and highly sensitive information contained on CIA networks subjected to nothing more than a DDoS attack? Why carry out what amounts to harassment against a single target while actually breaching the rest of the targeted networks? I find the attack on the CIA very interesting, given these facts.
Now let’s look over the pertinent portion of the IRC logs in which “disinformation campaign” was concocted and planned. I think you will find that the evidence of them launching a disinformation campaign is more lacking than the evidence pointing to them being involved with an, at this point, unknown government agency. Neither can be proven to any degree of certainty worth mentioning. The fact that the Guardian ran with this “conspiracy theory” is quite interesting to me given the extremely brief and vague passage on which they are basing this claim.
(Note that there is no symbol separating the username from the message, and one of the users in the IRC is named “lol.” This is somewhat confusing on first read so I wanted to make that clear. The most pertinent sections are highlighted in blue.)
Jun 04 08:22:35 joepie91 http://pastebin.com/rrZDkbp7
Jun 04 08:22:44 joepie91 Avunit Sabu tflow lol Topiary
Jun 04 08:22:46 joepie91 read pastebin
Jun 04 08:24:18 Topiary see, now that’s the entire HBGary crew
Jun 04 08:24:21 Topiary so why is your name in it?
Jun 04 08:25:46 joepie91 probably because I was in the leaked logs?
Jun 04 08:25:53 joepie91 anyway, is entropy still here under some nick?
Jun 04 08:25:58 Topiary nope
Jun 04 08:26:10 joepie91 also, it was tweeted by Awinee
Jun 04 08:26:12 joepie91 a few minutes ago
Jun 04 08:26:16 Topiary let’s just ignore it
Jun 04 08:26:21 Topiary been ignoring them all for days
Jun 04 08:26:22 joepie91 so I think he just grepped the #hq logs then
Jun 04 08:26:38 Topiary it’s fine if we just stay here and don’t expose ourselves in other locations
Jun 04 08:26:41 Topiary they can’t do anything
Jun 04 08:27:15 * trollpoll ([email protected]) has joined #pure-elite
Jun 04 08:27:18 lol we should do a mass disinfo campaingn
?Jun 04 08:27:19 Topiary ‘sides this is Pure Elite not LulzSec, heh luckily our gang of awesome development folks working in side-ops didn’t get on that list
Jun 04 08:27:28 joepie91 lol
Jun 04 08:28:07 lol lets add the lulzsec.com domain adrian lamo owns and awiness dox and some other jesterfags to a pastebin and call it “lulzsec members” then pastebin spam it so it trends like pr0′s
?Jun 04 08:28:16 trollpoll lol, i was thinking just on this
Jun 04 08:28:20 lol or you think doing tht will give them more reason to think it is us?
Jun 04 08:28:22 trollpoll but, saying more or less
Jun 04 08:28:26 trollpoll that lulzsec is CIA
Jun 04 08:28:31 Topiary hmm not sure who IS LulzSec really… tflow/Sabu/myself/kayla started it, then tflow was on/off, then Avunit/pwnsauce joined in, then you guys came onboard…
I guess nobody and everybodyJun 04 08:29:14 Topiary let’s spread disinfo about CIA I guess
Jun 04 08:29:28 tflow yeah but props to trollpoll for exploiting that fox.com hole
Jun 04 08:29:30 trollpoll it makes sense
Jun 04 08:29:34 Topiary oh definitely yeah
Jun 04 08:29:41 Topiary we have trollpoll to thank for the first hit
Jun 04 08:29:49 Topiary very good shit
Jun 04 08:30:05 trollpoll not all mine…
Jun 04 08:30:14 Topiary word is that you exploited it up nicely
Jun 04 08:30:37 trollpoll but i lost the lulz
Jun 04 08:30:55 Topiary “awinee Awinee
Jun 04 08:30:55 Topiary I’ll dedicate this day to @avunitanon. @LulzSec watch closely as I sink your humble boat. Nothing personal, just #lulz. Read next tweet.
Jun 04 08:30:55 Topiary ”
Jun 04 08:30:57 Topiary 2 minutes ago
Jun 04 08:30:58 * Topiary watches
Jun 04 08:31:19 joepie91 well shit
Jun 04 08:31:21 joepie91 I have to get bread
Jun 04 08:31:25 joepie91 but I dun want to miss the lulz
Jun 04 08:31:25 joepie91
Jun 04 08:31:49 Topiary Awinee has no fucking idea what the word “humble” means
Jun 04 08:32:16 joepie91 maybe you should tell him about the humble bundle
Jun 04 08:32:20 Topiary he’s not charismatic, he’s not skilled, he’s not funny, he’s not smart, he’s ugly and out of shape, and he wakes up at 2 in the afternoon every day
Jun 04 08:32:22 joepie91 for further confuse
Jun 04 08:32:22 * Topiary shakes head
Jun 04 08:32:23 Topiary poor boy
Jun 04 08:33:55 trollpoll Topiary, about CIA, will make sense to ppl, cos in fact makes sense to me
Jun 04 08:34:18 trollpoll as far as i know, one of you could be some CIA guy
Jun 04 08:34:36 Topiary it’s true
Jun 04 08:34:36 trollpoll using “hackers” to their benefits
Jun 04 08:34:48 trollpoll attacking iran
Jun 04 08:34:57 trollpoll lybia
Jun 04 08:35:00 trollpoll or whatever
Jun 04 08:35:04 trollpoll is CIA style
Jun 04 08:35:17 trollpoll also, makes the hackers thing they are freelance
Jun 04 08:35:39 trollpoll but ey, if one of you is a cia guy… cmon, no problem, we are for lulz xD
Jun 04 08:35:52 Topiary if I were CIA I’d certainly be looking for a crew like this
Jun 04 08:36:03 trollpoll sure
Jun 04 08:36:05 Topiary seriously if you gave us all a schedule, office building, and paycheques
Jun 04 08:36:09 Topiary we’d just destroy the world
Jun 04 08:36:36 trollpoll well, in a not far future, perhaps we will end at it…
Jun 04 08:36:57 Topiary hehe
Jun 04 08:37:00 trollpoll i mean… the whitehat security companies started like this…
I must agree with Topiary on this one, the notion that they could be involved with the CIA does make sense to me. It also makes sense to me that if a group was infiltrated by CIA or some other government or affiliated corporate entity, they would actively seek to pump out disinformation and confusion in order to make it unclear who they really are. Similarly, it would make sense that only a very small portion of a hacking crew would need to be government affiliated in order to run the necessary operations. All you need is one or two people in a leadership role and the rest of the group need not have any idea.
What it ultimately comes down to is the fact that it really does not matter if LulzSec is a red team. They are serving the exact same purpose no matter if they are all chatting sitting next to each other in an NSA datacenter or if they are all teenagers using their mom’s computer in the basement. Their “disinformation campaign” is ultimately futile as they are clearly building public and governmental support for cyber crackdown.
SOURCES:
TruthFrequencyNews
End Of The Line
Chronicle
Paraspiracy
U.S. To Introduce Draconian Anti-Piracy Censorship Bill
The U.S. Government is determined to put an end to online piracy. In an attempt to give copyright holders and the authorities all the tools required to disable access to so-called rogue sites, lawmakers will soon introduce the PROTECT IP Act. Through domain seizures, ISP blockades, search engine censorship, and cutting funding of allegedly copyright infringing websites, the bill takes Internet censorship to the next level.
TorrentFreak
So what do you think? So odd that Lulzsec started their attacks/hacks, the week this went to congress for voting no?
Latest Collections
Recent Posts
Thank you!
vBulletin Message